What is the PID in the host, of a process running inside a Docker container?

If you know either the host pid or the container pid you can find by searching all NSpid maps on the host like so:

# grep NSpid.*10061 /proc/*/status 2> /dev/null
/proc/1194200/status:NSpid: 1194200 10061

• 1194200 is the host pid
• 10061 is the container pid

The 2>/dev/null is to ignore short-lived processes that cause grep errors like this: grep: /proc/1588467/status: No such file or directory

You can look at the /proc/<pid>/status file to determine the mapping between the namespace PID and the global PID. For example, if in a docker container I start several sleep 900 processes, like this:

# docker run --rm -it alpine sh
/ # sleep 900 &
/ # sleep 900 &
/ # sleep 900 &

I can see them running in the container:

/ # ps -fe
PID   USER     TIME   COMMAND
    1 root       0:00 sh
    7 root       0:00 sleep 900
    8 root       0:00 sleep 900
    9 root       0:00 sleep 900
   10 root       0:00 ps -fe

I can look at these on the host:

# ps -fe | grep sleep
root     10394 10366  0 09:11 pts/10   00:00:00 sleep 900
root     10397 10366  0 09:12 pts/10   00:00:00 sleep 900
root     10398 10366  0 09:12 pts/10   00:00:00 sleep 900

And for any one of those, I can look at the status file to see the namespace pid:

# grep -i pid /proc/10394/status
Pid:    10394
PPid:   10366
TracerPid:  0
NSpid:  10394   7

Looking at the NSpid line, I can see that within the PID namespace this process has pid 7. And indeed, if I kill process 10394 on the host:

# kill 10394

Then in the container I see that PID 7 is no longer running:

/ # ps -fe
PID   USER     TIME   COMMAND
    1 root       0:00 sh
    8 root       0:00 sleep 900
    9 root       0:00 sleep 900
   11 root       0:00 ps -fe